Description
Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter."
References (10)
Core 10
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/34611
Patch, Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0957
Patch, Vendor Advisory x_refsource_confirm
http://www.justsystems.com/jp/info/js09002.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/53349
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/34403
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html
Various Sources x_refsource_misc
http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407
Various Sources x_refsource_misc
http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49739
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN33846134/index.html
Scores
EPSS
0.0348
EPSS Percentile
87.7%
Details
CWE
CWE-119
Status
published
Products (10)
justsystems/ichitaro
13
justsystems/ichitaro
2004
justsystems/ichitaro
2005
justsystems/ichitaro
2006 (2 CPE variants)
justsystems/ichitaro
2007 (2 CPE variants)
justsystems/ichitaro
2008 (2 CPE variants)
justsystems/ichitaro
2009 (3 CPE variants)
justsystems/ichitaro
bungei
justsystems/ichitaro_viewer
19.0.1.0
justsystems/ichitaro_viewer
20.0.2.0
Published
Apr 06, 2010
Tracked Since
Feb 18, 2026